Promotion and Sync (GitOps)
Promotion of directory and routing artifacts from staging to validated to production, using signed bundles and CLI workflows.
Model
- Staging: Editable branch or workspace where artifacts (participant/endpoint config, BIN tables, signed routing bundles) are authored and validated.
- Validated: Output of validation (schema, lint, and rail-specific checks). Artifacts are signed and ready for promotion.
- Production: Deployed state consumed by the resolver and gateways. Updated only by promoting from validated; roll back to a previous validated bundle when needed.
Signed bundles carry payload plus signature/fingerprint and optional effective_from / effective_to. Use the existing signed-bundle and routing artifact format (see data model and connectors).
CLI commands
When packages/cli (or equivalent) is present, support these workflows:
- as4-411-cli diff — Compare staging artifact set (or branch) against current production (or another ref). Output human- and machine-readable diff (participants, endpoints, routing_artifacts, policies).
- as4-411-cli validate — Validate staging: schema validation and linting per rail (using _rail-template and protocol validators). Exit non-zero on failure; report errors by file and rule.
- as4-411-cli promote — Promote validated, signed bundle to production. Verify signatures and effective dates; apply to store (or write to production artifact store). Record promotion in audit_log.
- as4-411-cli rollback — Roll back production to a previous validated revision (by tag or bundle id). Re-apply that revision's artifacts and invalidate affected caches.
Schema validation and linting must run per rail so that protocol-specific rules (e.g. BIN format, identifier types) are enforced before promotion.
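
The signature, fingerprint and effective-date checks that promote performs before applying a bundle, as an added example that is not the project's own code. The bundle layout, the use of Ed25519 and SHA-256, and the helper names signBundle and checkPromotable are assumptions; the key pair and payload are constructed sample data.

```javascript
// Added example, not as4-411 code. Bundle layout, Ed25519 and SHA-256 are assumptions.
const nodeCrypto = require('node:crypto');

// Bytes covered by the signature: the effective window AND the payload, so the
// window cannot be edited after signing.
function signedBytes(b) {
  return Buffer.from([b.effective_from ?? '', b.effective_to ?? '', b.payload].join('\n'));
}

function fingerprint(payload) {
  return nodeCrypto.createHash('sha256').update(payload).digest('hex');
}

// Hypothetical signer, used here only to build the sample bundle.
function signBundle(payload, privateKey, dates = {}) {
  const b = { payload, fingerprint: fingerprint(payload), ...dates };
  b.signature = nodeCrypto.sign(null, signedBytes(b), privateKey).toString('base64');
  return b;
}

// Promotion gate: returns { ok, reason }; nothing is applied unless ok is true.
function checkPromotable(b, trustedKey, now = new Date()) {
  const fail = (reason) => ({ ok: false, reason });
  if (fingerprint(b.payload) !== b.fingerprint) return fail('fingerprint-mismatch');
  const sig = Buffer.from(b.signature || '', 'base64');
  if (!nodeCrypto.verify(null, signedBytes(b), trustedKey, sig)) return fail('bad-signature');
  if (b.effective_from && now < new Date(b.effective_from)) return fail('not-yet-effective');
  if (b.effective_to && now >= new Date(b.effective_to)) return fail('expired');
  return { ok: true, reason: 'ok' };
}

// Constructed sample: throwaway key pair and a made-up routing payload.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
const sample = signBundle('{"routing_artifacts":[{"bin":"411111"}]}', privateKey,
  { effective_from: '2025-01-01T00:00:00Z', effective_to: '2026-01-01T00:00:00Z' });
const at = new Date('2025-06-01T00:00:00Z');

function demo() {
  const edited = sample.payload.replace('411111', '400000');
  return {
    valid: checkPromotable(sample, publicKey, at).reason,
    staleFingerprint: checkPromotable({ ...sample, payload: edited }, publicKey, at).reason,
    refreshedFingerprint: checkPromotable(
      { ...sample, payload: edited, fingerprint: fingerprint(edited) }, publicKey, at).reason,
    stretchedWindow: checkPromotable({ ...sample, effective_to: '2099-01-01T00:00:00Z' }, publicKey, at).reason,
    expired: checkPromotable(sample, publicKey, new Date('2026-03-01T00:00:00Z')).reason,
  };
}
console.log(demo());
```

The fingerprint alone only catches accidental edits, since anyone who changes the payload can recompute it; the signature over payload and dates is what rejects the refreshed-fingerprint and stretched-window cases.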